Cyberattack hit 1,000 firms, U.S. says

More than 1,000 U.S. businesses have been affected by the cyberattack that hit the in-store cash register systems at Target, Supervalu and most recently UPS Stores, the Department of Homeland Security said in an advisory released Friday.

The attacks were much more pervasive than previously reported, the advisory said, and hackers were pilfering the data of millions of payment cards from U.S. consumers without companies knowing about it.

On July 31, the Homeland Security Department, along with the Secret Service, the National Cybersecurity and Communications Integration Center and their partners in the security industry, warned companies to check their in-store cash register systems for a malware package that security experts called Backoff, after a word that appeared in its code. Until that point, Backoff malware was undetectable by anti-virus products.

Since then, seven companies that sell and manage in-store cash register systems have confirmed to government officials that they each had multiple clients affected, the government said Friday. Some of those clients, like UPS and Supervalu, have stepped forward, but most have not.

In all, the Secret Service estimated that more than 1,000 U.S. businesses had been affected.

A Section on 08/23/2014

Upcoming Events